* Add explanation and example to vendor option
##### SUMMARY
<!— Your description here –>
##### ISSUE TYPE
- Docs Pull Request
+label: docsite_pr
* Update plugins/modules/identity/keycloak/keycloak_user_federation.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 7b86fa6a7d)
Co-authored-by: clovis-monmousseau <58973012+clovis-monmousseau@users.noreply.github.com>
* Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt.
* Replace 'Copyright:' with 'Copyright'
sed -i 's|Copyright:\(.*\)|Copyright\1|' $(rg -l 'Copyright:')
Co-authored-by: Maxwell G <gotmax@e.email>
(cherry picked from commit 123c7efe5e)
Co-authored-by: Felix Fontein <felix@fontein.de>
* keycloak_realm: fix default groups and roles (#4241)
* add changelog fragment
(cherry picked from commit 7ee15f95f7)
Co-authored-by: adam-cleo <90759784+adam-cleo@users.noreply.github.com>
* Get first found configuration file
There are three valid places to get the configuration.
https://developer.1password.com/docs/cli/about-biometric-unlock#remove-old-account-information
* Use common config class
* Add changelog fragment
* Explicitly use new style classes for Python 2.7 compatibility
This shouldn’t matter for lookups, but does matter for module_utils
and modules since Python 2.7 is still supported on the managed node.
* Update changelogs/fragments/4065-onepassword-config.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* keycloak: fix creating a user federation w/ idempotent id
Creating a user federation while specifying an id (that doesn't exist
yet) will fail with a 404. This commits fix this behavior.
* keycloak: fix user federation mapper duplication
This commit fixes a bug where mappers are duplicated instead of
configured when creating a user federation.
When creating a user federation, some mappers are autogenerated by
keycloak. This commit lets the keycloak_user_federation module recompute
mappers final values after the user federation is created so that the
module can try to merge them by their name.
* add missing fragment for pr #4212
* Add PTR synchronization support for dnszones
* Add changelog fragment
* Update changelogs/fragments/3374-add-ipa-ptr-sync-support.yml
Update to reflect proper module name.
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/identity/ipa/ipa_dnszone.py
Add period.
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/identity/ipa/ipa_dnszone.py
Remove requires comment.
Co-authored-by: Felix Fontein <felix@fontein.de>
* Change type to boolean in following with API docs
* Tested with needed changes made.
* Fix documentation to max implementation
* Check for specific params; allow for modifications if needed
* Add PTR synchronization support for dnszones
* Add changelog fragment
* Update changelogs/fragments/3374-add-ipa-ptr-sync-support.yml
Update to reflect proper module name.
Co-authored-by: Felix Fontein <felix@fontein.de>
* Remove trailing whitespace
* Make use of full search and compare params
* Fix formatting errors
* Move the change flag outside of module check
* Fix itens typo to items
* Update dynamicupdate to a boolean
* Remove unnecessary flags and options
* Minor comment changes
* Update changelogs/fragments/3374-add-ipa-ptr-sync-support.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/identity/ipa/ipa_dnszone.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Anne-Marie Lee <alee@datainterfuse.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Prepare for distutils.version being removed in Python 2.12.
* Fix copy'n'paste error.
* Re-add Loose prefix.
* Fix Python version typos.
* Improve formulation.
* Move message into own line.
* Fix casing, now that the object is no longer called Version.
* KeycloakClientDiffBugs - Introduce test that passes.
* KeycloakClientDiffBugs - Add test to show that checking of redirect_uri's fails.
* KeycloakClientDiffBugs - (Fix1) Update so that checking of `redirectUris` no longer shows a change.
* KeycloakClientDiffBugs - Add test to show that checking of attributes's fails (sorting issue)
* KeycloakClientDiffBugs - (Fix2) Update so that checking of `attributes` no longer shows a change.
* KeycloakClientDiffBugs - Add test to show that checking of protocol_mappers's fail
* KeycloakClientDiffBugs - (Fix3) Update so that checking of `protocol_mappers` no longer shows a change when there is none.
* Introduce code fragment.
* Update the changelog to be based on the PR instead of the issue.
* Fix the readme
* Fix yaml indentation.
* Fix pep8
* Update changelogs/fragments/3610-fix-keycloak-client-diff-bugs-when-sorting.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/3610-fix-keycloak-client-diff-bugs-when-sorting.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/identity/keycloak/keycloak_client.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Remove need for .copy() after making normalise_cr not mutate the dict.
Co-authored-by: Pierre Dumuid <pierre@knowyourdata.com.au>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Consistent Modules - Rename updated_?? to desired_?? in all the keycloak modules.
* Consistent Modules - Rename the comments, and add whitespace so that all the modules are a lot more consistent between each other.
* Consistent Modules - Remove final elif where a final else doesn't exist.
This is to address the inconsistency between the other modules.
Whilst I can see it being more descriptive, there should be a final "else:" to cater if the values is neither 'absent' or 'present'.
* Consistent Modules - Use dict() instead of {} like most of the other keycloak modules.
* Consistent Modules - Update keycloak authentication so that the if ordering is consistent for no-item.
* Consistent Modules - Move the 'Filter and map' process to always occur before getting an existing item.
* Consistent Modules - Be consistent with how to initialse before_?? and set it to dict() if it is None.
* Consistent Modules - Add module.exit_?? in the locations as per the other modules.
* Consistent Modules - Represent result['diff'] using dict(before=.., after=...) as per all the other modules.
* Consistent Modules - Add / Move location of when result['end_state'] is getting defined.
* Consistent modules - Add result['changed'] = False where we do nothing and exit because item exists.
* Consistent Modules - Set the value result['changed'] to True earlier so it shows up when in checking mode only.
* Consistent Modules - test for equality with a dict to assert there was no realm in the first place as per the other modules.
* Consistent Modules - Address the spelling.
* Consistent Modules - keycloak_group - Remove result['group'] as result['end_state'] is the consistent value used in the other modules.
* Consistent Modules - Order the lines in the section, Do nothing and exit consistently.
* Consistent Modules - Add result['end_state'] and still add deprecated `flow` return value.
* Consistent Modules - Add missing return documentation for `msg`.
* Consistent Modules - Tweak whitespace in the RETURN variable.
* Consistent Modules - Add result['group'] in addition to deprecated result['group'] response.
* Consistent Modules - Add return property, 'contains' to address test errors.
* Consistent Modules - Rename updated_?? to desired_?? in new modules since initial PR.
* Consistent Modules - Rename the comments, and add whitespace so that all the (recently added) modules are a lot more consistent between each other.
* Consistent Modules - Make indentation consistent within the response document.
* Consistent Modules - Use B(DEPRECATED) in a seperate line in the description.
* Consistent Modules - Add a lot of full stops to sentences.
* Consistent Modules - Use C(...) and I(...) formatting methods.
* Consistent Modules - Use "on success" everywhere for end_state response documentation.
* Consistent Modules - Update the documents for RETURN.proposed, RETURN.existing, RETURN.end_state to be the same.
* Consistent Modules - Add fragment.
* Remove period after short_description.
* Update changelog fragment.
* Consistent Modules - PRFeedback - Remove `module.exit_json(**result)` within the `Delete` section of the if statement.
There's a exit_json(..) immediately after.
* Consistent Modules - PRFeedback - Use `if not x_repr` instead of `if x_repr == dict()`.
* keycloak_authentication - Add a sample of the output.
* Replace `dict()` with `{}` for all the keycloak modules.
* Add the requested deprecated notices
* Update changelogs/fragments/3280-keycloak-module-cleanup-and-consistency.yml
Co-authored-by: Pierre Dumuid <pierre@knowyourdata.com.au>
Co-authored-by: Felix Fontein <felix@fontein.de>
* ipa: add append parameter to modify_if_diff
* ipa_group: add state: append
* ipa_group: rework append to an option instead of another state
* ipa_group: append default=no
* ipa_group: add change fragment for new append option
* ipa_group: restore descriptions for group and user
* ipa_group: re-add missed quotation mark
* ipa_group: set default for append in
argument_spec
* ipa_group: add .yml ext to fragement file
* ipa_group: corrections to append description
* ipa_group: refine change fragement text
Co-authored-by: Felix Fontein <felix@fontein.de>
* ipa_group: use correct macros in option descriptions
Co-authored-by: Felix Fontein <felix@fontein.de>
* ipa_group: include append in user and group descriptions
* ipa_group: add version_added
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Fix diff mode when updating authentication flow with keycloak_authentication module
* Update documentation of create_or_update_executions function (return tuple instead of dict)
* Fix: Update requirement when new exex created
* Add changelog fragment
* Update changelogs/fragments/3330-bugfix-keycloak-authentication-flow-requirements-not-set-correctly.yml.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update changelogs/fragments/3330-bugfix-keycloak-authentication-flow-requirements-not-set-correctly.yml.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
* Edit requirement of sublow
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add authentication_flow_binding_overrides option to the keycloak_client module
* Add changelog fragment
* Update changelogs/fragments/2949-add_authentication-flow-binding_keycloak-client.yml
Co-authored-by: Amin Vakil <info@aminvakil.com>
* Update plugins/modules/identity/keycloak/keycloak_client.py
Co-authored-by: Amin Vakil <info@aminvakil.com>
* Update plugins/modules/identity/keycloak/keycloak_client.py
Co-authored-by: Amin Vakil <info@aminvakil.com>
* Add unit test authentication_flow_binding_overrides feature on keycloak_client module
Co-authored-by: Amin Vakil <info@aminvakil.com>
* Fix bug when 2 identical executions in same auth flow
* Add changelog fragment
* Fix unit tests
* Update changelogs/fragments/2904-fix-bug-when-2-identical-executions-in-same-auth-flow.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Allow keycloak_group.py to take token as parameter for the authentification
Refactor get_token to pass module.params + Documentation
Fix unit test and add new one for token as param
Fix identation
Update plugins/modules/identity/keycloak/keycloak_client.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Update plugins/modules/identity/keycloak/keycloak_clienttemplate.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Allow keycloak_group.py to take token as parameter for the authentification
Refactor get_token to pass module.params + Documentation
* Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Check if base_url is None before to check format
Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Update plugins/modules/identity/keycloak/keycloak_client.py
Co-authored-by: Amin Vakil <info@aminvakil.com>
Update plugins/modules/identity/keycloak/keycloak_clienttemplate.py
Co-authored-by: Amin Vakil <info@aminvakil.com>
Switch to modern syntax for the documentation (e.g. community.general.keycloak_client)
Update keycloak_client.py
Update keycloak_clienttemplate.py
Add keycloak_authentication module to manage authentication
Minor fixex
Fix indent
* Update plugins/modules/identity/keycloak/keycloak_authentication.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Update plugins/modules/identity/keycloak/keycloak_authentication.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Update plugins/modules/identity/keycloak/keycloak_authentication.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Update plugins/modules/identity/keycloak/keycloak_authentication.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Update plugins/modules/identity/keycloak/keycloak_authentication.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Removing variable ANSIBLE_METADATA from beginning of file
Minor fix
Refactoring create_or_update_executions :add change_execution_priority function
Refactoring create_or_update_executions :add create_execution function
Refactoring create_or_update_executions: add create_subflow
Refactoring create_or_update_executions: add update_authentication_executions function
Minor fix
* Using FQCN for the examples
Minor fix
Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Update plugins/modules/identity/keycloak/keycloak_authentication.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Update plugins/modules/identity/keycloak/keycloak_authentication.py
Co-authored-by: Felix Fontein <felix@fontein.de>
Refactoring: rename isDictEquals into is_dict_equals
Refactoring: rename variable as authentication_flow
Refactoring: rename variable as new_name
Refactoring: rename variable as flow_list
Refactoring: rename variable as new_flow
Refactoring: changing construction of dict newAuthenticationRepresentation and renaming as new_auth_repr
Minor fix
* Refactoring: rename variables with correct Python syntax (auth_repr, exec_repr)
Move create_or_update_executions function from keycloak.py to keycloak_authentication.py
Minor fix
Remove mock_create_or_update_executions not needed anymore
Fix unit test
Update plugins/module_utils/identity/keycloak/keycloak.py
is_dict_equals function return True if value1 empty
Update plugins/module_utils/identity/keycloak/keycloak.py
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Rename is_dict_equal as is_struct_included and rename params as struct1 and struct2
Rename variables according to Python naming conventions
Refactoring: add find_exec_in_executions function in keycloak_authentication to remove code duplication
typo
Add blank line
Add required parameter, either creds or token
Typo
try/except only surround for loop containing struct2[key]
Add sub-options to meta_args
assigment of result['changed'] after if-elif-else block
Fix CI error: parameter-type-not-in-doc
Fix unit test: none value excluded from comparison
Minor fix
Simplify is_struct_included function
Replace 'type(..) is' by isinstance(..)
Remove redundant required=True and redundant parenthesis
Add check_mode, check if value is None (None value added by argument spec checker)
Apply suggestions from code review
Update plugins/modules/identity/keycloak/keycloak_authentication.py
* Update plugins/modules/identity/keycloak/keycloak_authentication.py
* Add index paramter to configure the priority order of the execution
* Minor fix: authenticationConfig dict instead of str
Co-authored-by: Felix Fontein <felix@fontein.de>
* fix sudorule_add_allow_command_group
fix sudorule_add_allow_command_group is not working on freeIPA 4.8.7 at least, sudorule_add_allow_command should be used instead with item sudocmdgroup
* Added changelog fragment
* keycloak_realm.py: Fix the `ssl_required` parameter according to the API
The `ssl_required` parameter is a string and must be one of 'all',
'external' or 'none'. Passing a bool will make the server return a 500.
* fixup! keycloak_realm.py: Fix the `ssl_required` parameter according to the API
* Update changelogs/fragments/keycloak_realm_ssl_required.yml
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* keycloak_realm.py: Mark 'reset_password_allowed' as no_log=False
This value is not sensitive but Ansible will complain about it otherwise
* fixup! keycloak_realm.py: Mark 'reset_password_allowed' as no_log=False
* Apply all suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
* Keycloak: add realm management
* Minor fixes
* Review fixes
* Remove sort of list because condition on list cannot be true
* Add exception in fail_json and update test
* Change output for secret and version in comments
* Update copyright
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add missing traceback
* Apply suggestions from code review
* Update plugins/modules/identity/keycloak/keycloak_realm.py
Co-authored-by: Felix Fontein <felix@fontein.de>